General

  • Target

    NEAS.ce3f8d0d45397eec031f4faf5172e970.exe

  • Size

    226KB

  • Sample

    231022-v14a9sag69

  • MD5

    ce3f8d0d45397eec031f4faf5172e970

  • SHA1

    d64dac5db1a5b4ef1e54c6431c638471819c0201

  • SHA256

    e75efcc340bdf49b86ba491173ebe4ec2a97a3cfa2fc1934d59ee441478efbaa

  • SHA512

    179ccea4ec0d955f90b7afbe53ea660fab9012fd8b746b01fed57fc8b243861affbe6ec5b44babb7d8bdb946389fd4c1bc78c68cdee3567500555e90060133d9

  • SSDEEP

    6144:POhGIgw4dH4kXfxqySSKpRmSKeTk7eT5ABrnL8MdYg:PMuw4dJ5IKrEAlnLAg

Targets

    • Adds autorun key to be loaded by Explorer.exe on startup

    • Malware Backdoor - Berbew

      Berbew is a malware infection classified as a 'backdoor' Trojan. This malicious program's primary function is to cause chain infections - it can download/install additional malware such as other Trojans, ransomware, and cryptominers.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
